[Samba] Samba/LDAP documentation
Tony Earnshaw
tonye at billy.demon.nl
Sat Feb 12 18:18:18 GMT 2005
List, documenters;
I'd like to exchange notes about the official Samba 3 LDAP doco.
I'd like to do this off list, since doing it on list would simply confuse
and confound users wit perfectly working systems.
Background:
Me, Samba relative newbie, though I can get *everything* Samba-orientated
to work simply by using umpteen years Unix experience. Many years as
Openldap admin. With Windows it's worse, since I'm beginning again after
many years' absence - but it all works if I try hard enough and follow the
docs (but more importantly my own intuition. Windows stinks, since changes
in subversions nullify the experience gained in previous versions.
However, we all knew that.
Openldap experience is a couple or three years long, BUT I'm not prepared
to discuss *anything* prior to OL 2.2.17 (the present stable version as
notified by OpenLDAP.org is 2.2.23). For example, Red Hat's 2.0.27 or
2.1.22 are unstable and will break on extended loading or extended uptime.
Worst is, that with OL 2.0.27 there's no method of repairing
sparse/corrupted databases other than wit a rebuild from a dumped ldif;
with Red Hat's 2.1.22 databases are guaranteed to become corrupted
(Sleepycat BDB 4.1), though there is a way of repairing the DB (whilst the
server is *down*). OL 2.2.17's and higher use patched Sleepycat's BDB
4.2.52, are mostly guaranteed against corruption (if correctly configured
using DB_CONFIG) and even in the case of a corrupted DB (which I've
*never* experienced, whatever) can be repaired.
Samba's NT groups as documented in the HOWTO (Terpstra and Coupeau) are
worthless. (Sorry JT). OL 2.2 don't like Unix GIDs or UIDs with spaces in
their names (f.ex. "Domain Admins"). Worse, Linux don't like them. Worst
of all, it looks like shit on an 'ls -l'. I have my own alternative method
which works perfectly. That's what I'd like to discuss, off list. No, I
haven't asked IDEALX, no I haven't consulted anyone else than Billy my
Cat, my IT consultant. He's in perfect agreement with me - but then, he
usually is, if he gets food and petting regularly.
Best,
--Tonni
--
mail: tonye at billy.demon.nl
http://www.billy.demon.nl
More information about the samba
mailing list